8.0 years
25 - 39 Lacs
Hyderabad, Telangana, India
On-site
Location: Hyderabad (Work from Office) Experience: 8+ Years Employment Type: Full-Time Job Summary: We are seeking a highly skilled and experienced Senior PKI & Identity Infrastructure Engineer to lead the design, implementation, and maintenance of our organization's critical identity and security infrastructure. This role focuses on enterprise Public Key Infrastructure (PKI), Active Directory (AD), and cloud-based infrastructure in hybrid environments. The ideal candidate will bring deep expertise in PKI, Windows Certificate Services, Keyfactor, and cloud platforms such as AWS and Azure. This project is scheduled for one year, extendable up to 3 years. Key Areas Of Responsibility PKI Infrastructure Design and maintain enterprise PKI architecture using Windows Certificate Authority. Administer and optimize Keyfactor platform for certificate lifecycle management. Configure and manage Hardware Security Modules (HSMs). Automate certificate discovery, issuance, and renewal processes. Develop PKI policies, procedures, and disaster recovery plans. Monitor PKI environments to ensure compliance with security standards. Active Directory & Identity Management Architect and secure enterprise Active Directory infrastructure. Lead Active Directory hardening and consolidation initiatives. Configure and manage Microsoft Entra ID (formerly Azure AD). Design and manage enterprise SSO solutions and application integrations. Implement Zero Trust Architecture and identity lifecycle management. Establish security monitoring and alerting for AD environments. Cloud Infrastructure Design and maintain hybrid environments across AWS EC2 and Azure. Develop Infrastructure as Code (IaC) solutions using Terraform. Implement cloud security best practices and compliance frameworks. Manage cloud identity federation and networking. Design disaster recovery solutions and optimize cloud resource utilization. 
Required Technical Skills PKI Expertise: Advanced experience with Windows Certificate Authority. Hands-on with Keyfactor platform. Deep understanding of HSMs and certificate lifecycle management. Knowledge of PKI standards and compliance requirements. Active Directory & Identity Expert-level understanding of Active Directory architecture. AD security hardening, consolidation, and remediation. Experience with Microsoft Entra ID (Azure AD). Familiarity with SSO, application federation, and SIEM integration. Cloud & Automation Proficient in Terraform scripting for AWS/Azure infrastructure. Strong understanding of AWS EC2, Azure VM, networking, and identity. Automation using PowerShell, Python, and integration with CI/CD pipelines. Required Qualifications 8+ years of experience in IT infrastructure and security. 5+ years of specialized experience in PKI and Keyfactor. Strong cloud infrastructure knowledge (AWS and Azure). Proven track record of securing and managing enterprise-scale AD environments. Certifications Preferred Microsoft (MCSE, Azure Security Engineer) AWS (Associate or Professional level) Security (CISSP, CISM) Additional Skills Strong project management and leadership abilities Excellent communication and problem-solving skills Experience in technical documentation and change management Ability to explain complex concepts to both technical and non-technical stakeholders Key Projects & Tasks PKI Infrastructure: Design and deploy enterprise PKI. Automate certificate lifecycle with Keyfactor. Configure HSMs and ensure compliance. Active Directory Implement AD hardening and security monitoring. Manage Entra ID and enterprise SSO. Establish identity governance. Cloud Infrastructure Develop Terraform modules for hybrid cloud. Implement cloud security controls and DR planning. Optimize cloud costs and automate deployments.
Posted 1 day ago
5.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. Job Summary "Responsible for contributing towards the build and maintenance of the organization's cyber security systems and infrastructure. Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards. Conducts security assessments and audits to identify cybersecurity risks within the company's networks, applications and operating systems. Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting. Tests company's internal systems to validate security and detect any computer and information security weaknesses. Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report. Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources. Applies long-term objectives and plans related to the company's technical vision to daily activity. 
Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards. Works with moderate guidance in own area of knowledge. Employees at all levels are expected to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do what's right for each other, our customers, investors and our communities" Job Description We are seeking a motivated and detail-oriented Cybersecurity Network Security Engineer with 2–5 years of experience to join our enterprise security team. The ideal candidate will be responsible for implementing and maintaining network security controls, monitoring network traffic, and defending the organization against network-based threats. This is a critical role focused on securing enterprise networks and ensuring compliance with security policies. Key Responsibilities - Implement, manage, and monitor network security devices including firewalls, IDS/IPS, VPNs, and proxies. - Analyze and respond to network security incidents and anomalies in real-time. - Conduct vulnerability assessments and remediate risks in network infrastructure. 
- Collaborate with IT and Security teams to design and enforce secure network architectures. - Perform regular network security reviews, audits, and risk assessments. - Manage and optimize firewall rules and access control lists across the enterprise. - Support incident response activities and participate in root cause analysis. - Maintain up-to-date documentation for network security infrastructure and policies. Required Skills & Experience - 2–5 years of experience in network security, cybersecurity, or related IT security roles. - Strong understanding of networking protocols, routing, switching, and firewall technologies. - Hands-on experience with firewalls (e.g., Palo Alto, Fortinet, Cisco ASA), IDS/IPS, and SIEM solutions. - Knowledge of VPNs, VLANs, and network segmentation principles. - Familiarity with network monitoring and packet analysis tools (e.g., Wireshark, SolarWinds). - Experience with cloud network security in AWS, Azure, or GCP is a plus. - Understanding of regulatory compliance standards (e.g., ISO 27001, NIST, PCI-DSS). - Scripting or automation experience (Python, PowerShell) is desirable. Preferred Qualifications - Certifications such as CCNA Security, CompTIA Security+, Palo Alto PCNSA, or similar. - Experience with Zero Trust Network Architecture (ZTNA). - Knowledge of threat intelligence and network threat hunting. Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. 
Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details. Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Relevant Work Experience 2-5 Years
Posted 1 day ago
4.0 years
0 Lacs
Delhi, India
Remote
JOB_POSTING-3-73096-3 Job Description Role Title : AVP, Threat Informed Defense Engineer (L10) Company Overview Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more. We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies. Synchrony celebrates ~52% women talent. We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being. We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles. Organizational Overview This role is part of the Threat Informed Defense organization, responsible for researching, developing, and maintaining cyber detection capabilities. The team also manages and sources Technical Intelligence, leveraging it to enhance and refine detection methods and defenses against relevant threats. Additionally, it collaborates with the SOC Function (JSOC) and other partners to deliver high-fidelity security alerts, safeguarding Synchrony from cyber threats. Role Summary/Purpose The role of the Threat Informed Defense Engineer involves developing and maintaining automated processes that help to minimize cyber risk by improving the organization's ability to identify and respond to threats in an efficient manner. 
The team-member will partner with members of cyber operations, information security and the larger business to identify automation use-cases that they will then design, develop, and implement. Ideal candidates will have strong DevOps skill sets with knowledge of cyber detection concepts/strategies and security tools. More so, the ideal candidate will be capable of critical thinking and problem solving with a customer-first attitude. This is an IC role and position is remote, where you have the option to work from home. On occasion we may request for you to commute to our nearest office for in person engagement activities such as team meetings, training and culture events. To ensure the safety of our colleagues and communities, we require employees who come together in-person to be fully vaccinated. We’re proud to offer you choice and flexibility. Key Responsibilities Exhibit expertise in promptly identifying evolving cyber intelligence, testing Tactics, Techniques, and Procedures (TTPs) within a secure lab setting, and developing custom detection content to address identified gaps. Demonstrate a forward-thinking approach to prioritize and refine a backlog of detection content, leveraging Agile methodologies to ensure proper resource allocation and timely execution of high-priority initiatives. Proactively identify emerging cyber threats, conducting thorough assessments to gauge their potential impact on Synchrony. Experience and comfort with detection strategies and implementations in multiple OS (Windows, MacOS, Linux) and with cloud-based architectures (Amazon Web Services and Microsoft Azure). Foster cross-functional collaboration with CyberOps teams, contributing to the enhancement of detection alerting strategies. This includes spearheading initiatives such as designing detection pipelines, refining alert mechanisms, and optimizing existing alerting processes. 
Develop a deep understanding of Synchrony's cyber tool ecosystem, enabling informed recommendations for strengthening control mechanisms and fortifying defenses against potential cyber threats. Coordinate with Information Security teammates to manage and optimize detection content and alerting logic for key systems including security information and event management (SIEM), intrusion detection/prevention (IDS/IPS), Next Generation AV (NGAV), Endpoint Detection and Response (EDR), User Entity and Behavior Analytics (UEBA) platform amongst other core security tools. Assist in creation and implementation. Ability to automate tasks with APIs and serverless scripting. Design and implement automated security solutions for AWS cloud infrastructure. Develop and maintain security automation scripts and tools. Perform cleanup and sanitation of incoming log sources and events. Keeping up with the latest and greatest tools and techniques for combating security threats. Partner with technology leaders in adherence to technology strategy and roadmap. Support the day-to-day operations of the Security Operations program. Maintain knowledge of current security trends and be able to clearly communicate them to the team. Assist in responding to emergency situations and security incidents. Required Skills/Knowledge Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Demonstrated competence in Python and Splunk Search Processing Language (SPL). Demonstrated competence in Agile methodologies. Past experience in a threat intelligence, threat hunt, or red team capacity in which use of threat intelligence and attack-focused frameworks was utilized Able to function effectively in a dynamic, fast-paced environment. 
Desired Skills/Knowledge Applicable Information Security professional certifications (e.g., SANS, AWS Security based certifications) and tool specific certifications. Ability to work independently as well as part of a team. Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems. Expertise to clearly define complex issues despite incomplete or ambiguous information. Strong oral and written communications skills. Strong interpersonal and critical thinking skills. Experience with Cloud Foundry/Docker is a plus. Prior SOC, cyber intelligence, or incident response experience is a plus Eligibility Criteria Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Work Timings: 03:00 PM to 12:00 AM IST For Internal Applicants Understand the criteria or mandatory skills required for the role, before applying Inform your manager and HRM before applying for any role on Workday Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, LPP) L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible L08+ Employees can apply Grade/Level: 10 Job Family Group Information Technology
Posted 1 day ago
5.0 years
0 Lacs
Ahmedabad, Gujarat, India
On-site
About TradesTeam: TradesTeam is a home maintenance company providing services in a smart way to drive incredible value to customers across the UK. You will be joining an elite team of smart people to take this company to the next level. Job Overview: We're seeking someone with a Master’s degree in Cyber Security (or similar) with some Linux expertise. The individual must have skill in server-grade systems and want to join the core initial team to help take this vision to a global level and help us gain rapid growth. This role will require close liaison with the Directors, hence close contact with the Preston office is essential. Key Responsibilities: Maintaining existing systems, so things are running fast & smooth. Fixing IT-related things that fail; it can be anything. Creating and managing logins for new / existing users – LDAP. Ensuring company data and systems are secure from both internal & external bad actors. Keeping an eye on cyber security tools; we will allow you time to become familiar. Remember, this is a key initial position from which the team will grow. Cyber security tools such as firewalls, SIEM tools, IPS tools. Required Skills in order: Linux OS such as Rocky, Debian, Ubuntu Server: installing it or maintaining it. Cyber security implantation of threats over our network. Networking: understanding of IP tabling. Creating VPN connections, using SSH and SSL connections. A cool head to solve problems, not panic when it seems to be failing. Be able to pool in technical experts to help on things you cannot solve as an individual. Preferred Qualifications / Certifications / Experiences: Master’s degree in Cyber Security – from a foreign university. Bachelor’s degree in IT or related. 5 years of work experience minimum since Bachelor graduation. Some good certifications in Windows / Linux systems that prove application, not just understanding. Self-learning from childhood. 
Investment in certification via courses. What We Offer: Salary package of 4 LPA to 6 LPA. Modern office location in Ahmedabad. UK Skilled Worker visa sponsorship [up to full 5-year term] after 6 months of success. Opportunity to become Global Head of IT within 6 months. If you are passionate about cybersecurity and eager to make a difference in a supportive environment, we invite you to apply today and join the Trades Team! TradesTeam values diversity and encourages applications from all backgrounds.
Posted 1 day ago
4.0 years
0 Lacs
Kolkata, West Bengal, India
Remote
JOB_POSTING-3-73096-2 Job Description Role Title : AVP, Threat Informed Defense Engineer (L10) Company Overview Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more. We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies. Synchrony celebrates ~52% women talent. We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being. We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles. Organizational Overview This role is part of the Threat Informed Defense organization, responsible for researching, developing, and maintaining cyber detection capabilities. The team also manages and sources Technical Intelligence, leveraging it to enhance and refine detection methods and defenses against relevant threats. Additionally, it collaborates with the SOC Function (JSOC) and other partners to deliver high-fidelity security alerts, safeguarding Synchrony from cyber threats. Role Summary/Purpose The role of the Threat Informed Defense Engineer involves developing and maintaining automated processes that help to minimize cyber risk by improving the organization's ability to identify and respond to threats in an efficient manner. 
The team-member will partner with members of cyber operations, information security and the larger business to identify automation use-cases that they will then design, develop, and implement. Ideal candidates will have strong DevOps skill sets with knowledge of cyber detection concepts/strategies and security tools. More so, the ideal candidate will be capable of critical thinking and problem solving with a customer-first attitude. This is an IC role and position is remote, where you have the option to work from home. On occasion we may request for you to commute to our nearest office for in person engagement activities such as team meetings, training and culture events. To ensure the safety of our colleagues and communities, we require employees who come together in-person to be fully vaccinated. We’re proud to offer you choice and flexibility. Key Responsibilities Exhibit expertise in promptly identifying evolving cyber intelligence, testing Tactics, Techniques, and Procedures (TTPs) within a secure lab setting, and developing custom detection content to address identified gaps. Demonstrate a forward-thinking approach to prioritize and refine a backlog of detection content, leveraging Agile methodologies to ensure proper resource allocation and timely execution of high-priority initiatives. Proactively identify emerging cyber threats, conducting thorough assessments to gauge their potential impact on Synchrony. Experience and comfort with detection strategies and implementations in multiple OS (Windows, MacOS, Linux) and with cloud-based architectures (Amazon Web Services and Microsoft Azure). Foster cross-functional collaboration with CyberOps teams, contributing to the enhancement of detection alerting strategies. This includes spearheading initiatives such as designing detection pipelines, refining alert mechanisms, and optimizing existing alerting processes. 
Develop a deep understanding of Synchrony's cyber tool ecosystem, enabling informed recommendations for strengthening control mechanisms and fortifying defenses against potential cyber threats. Coordinate with Information Security teammates to manage and optimize detection content and alerting logic for key systems including security information and event management (SIEM), intrusion detection/prevention (IDS/IPS), Next Generation AV (NGAV), Endpoint Detection and Response (EDR), User Entity and Behavior Analytics (UEBA) platform amongst other core security tools. Assist in creation and implementation. Ability to automate tasks with APIs and serverless scripting. Design and implement automated security solutions for AWS cloud infrastructure. Develop and maintain security automation scripts and tools. Perform cleanup and sanitation of incoming log sources and events. Keeping up with the latest and greatest tools and techniques for combating security threats. Partner with technology leaders in adherence to technology strategy and roadmap. Support the day-to-day operations of the Security Operations program. Maintain knowledge of current security trends and be able to clearly communicate them to the team. Assist in responding to emergency situations and security incidents. Required Skills/Knowledge Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Demonstrated competence in Python and Splunk Search Processing Language (SPL). Demonstrated competence in Agile methodologies. Past experience in a threat intelligence, threat hunt, or red team capacity in which use of threat intelligence and attack-focused frameworks was utilized Able to function effectively in a dynamic, fast-paced environment. 
Desired Skills/Knowledge Applicable Information Security professional certifications (e.g., SANS, AWS Security based certifications) and tool specific certifications. Ability to work independently as well as part of a team. Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems. Expertise to clearly define complex issues despite incomplete or ambiguous information. Strong oral and written communications skills. Strong interpersonal and critical thinking skills. Experience with Cloud Foundry/Docker is a plus. Prior SOC, cyber intelligence, or incident response experience is a plus Eligibility Criteria Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Work Timings: 03:00 PM to 12:00 AM IST For Internal Applicants Understand the criteria or mandatory skills required for the role, before applying Inform your manager and HRM before applying for any role on Workday Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, LPP) L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible L08+ Employees can apply Grade/Level: 10 Job Family Group Information Technology
Posted 1 day ago
4.0 years
0 Lacs
Pune, Maharashtra, India
Remote
JOB_POSTING-3-73096-5 Job Description Role Title : AVP, Threat Informed Defense Engineer (L10) Company Overview Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more. We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies. Synchrony celebrates ~52% women talent. We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being. We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles. Organizational Overview This role is part of the Threat Informed Defense organization, responsible for researching, developing, and maintaining cyber detection capabilities. The team also manages and sources Technical Intelligence, leveraging it to enhance and refine detection methods and defenses against relevant threats. Additionally, it collaborates with the SOC Function (JSOC) and other partners to deliver high-fidelity security alerts, safeguarding Synchrony from cyber threats. Role Summary/Purpose The role of the Threat Informed Defense Engineer involves developing and maintaining automated processes that help to minimize cyber risk by improving the organization's ability to identify and respond to threats in an efficient manner. 
The team-member will partner with members of cyber operations, information security and the larger business to identify automation use-cases that they will then design, develop, and implement. Ideal candidates will have strong DevOps skill sets with knowledge of cyber detection concepts/strategies and security tools. More so, the ideal candidate will be capable of critical thinking and problem solving with a customer-first attitude. This is an IC role and position is remote, where you have the option to work from home. On occasion we may request for you to commute to our nearest office for in person engagement activities such as team meetings, training and culture events. To ensure the safety of our colleagues and communities, we require employees who come together in-person to be fully vaccinated. We’re proud to offer you choice and flexibility. Key Responsibilities Exhibit expertise in promptly identifying evolving cyber intelligence, testing Tactics, Techniques, and Procedures (TTPs) within a secure lab setting, and developing custom detection content to address identified gaps. Demonstrate a forward-thinking approach to prioritize and refine a backlog of detection content, leveraging Agile methodologies to ensure proper resource allocation and timely execution of high-priority initiatives. Proactively identify emerging cyber threats, conducting thorough assessments to gauge their potential impact on Synchrony. Experience and comfort with detection strategies and implementations in multiple OS (Windows, MacOS, Linux) and with cloud-based architectures (Amazon Web Services and Microsoft Azure). Foster cross-functional collaboration with CyberOps teams, contributing to the enhancement of detection alerting strategies. This includes spearheading initiatives such as designing detection pipelines, refining alert mechanisms, and optimizing existing alerting processes. 
Develop a deep understanding of Synchrony's cyber tool ecosystem, enabling informed recommendations for strengthening control mechanisms and fortifying defenses against potential cyber threats. Coordinate with Information Security teammates to manage and optimize detection content and alerting logic for key systems including security information and event management (SIEM), intrusion detection/prevention (IDS/IPS), Next Generation AV (NGAV), Endpoint Detection and Response (EDR), User Entity and Behavior Analytics (UEBA) platform amongst other core security tools. Assist in creation and implementation. Ability to automate tasks with APIs and serverless scripting. Design and implement automated security solutions for AWS cloud infrastructure. Develop and maintain security automation scripts and tools. Perform cleanup and sanitation of incoming log sources and events. Keeping up with the latest and greatest tools and techniques for combating security threats. Partner with technology leaders in adherence to technology strategy and roadmap. Support the day-to-day operations of the Security Operations program. Maintain knowledge of current security trends and be able to clearly communicate them to the team. Assist in responding to emergency situations and security incidents. Required Skills/Knowledge Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Demonstrated competence in Python and Splunk Search Processing Language (SPL). Demonstrated competence in Agile methodologies. Past experience in a threat intelligence, threat hunt, or red team capacity in which use of threat intelligence and attack-focused frameworks was utilized Able to function effectively in a dynamic, fast-paced environment. 
Desired Skills/Knowledge Applicable Information Security professional certifications (e.g., SANS, AWS Security based certifications) and tool specific certifications. Ability to work independently as well as part of a team. Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems. Expertise to clearly define complex issues despite incomplete or ambiguous information. Strong oral and written communications skills. Strong interpersonal and critical thinking skills. Experience with Cloud Foundry/Docker is a plus. Prior SOC, cyber intelligence, or incident response experience is a plus Eligibility Criteria Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience. Work Timings: 03:00 PM to 12:00 AM IST For Internal Applicants Understand the criteria or mandatory skills required for the role, before applying Inform your manager and HRM before applying for any role on Workday Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, LPP) L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible L08+ Employees can apply Grade/Level: 10 Job Family Group Information Technology
Posted 1 day ago
7.5 years
0 Lacs
Gurugram, Haryana, India
On-site
Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : CyberArk Privileged Access Management Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: We are looking for an experienced CyberArk PAM Specialist to design, implement, and support a CyberArk Privileged Access Management (PAM) solution. Roles and Responsibilities: 1. Define, design, and implement CyberArk Privilege Cloud-SaaS. 2. Install and configure cloud connectors. 3. Configure MFA, SAML, LDAP, SIEM integration. 4. Troubleshoot and resolve CyberArk related technical issues. 5. Work closely with application teams to onboard different types of systems to CyberArk. 6. Generate custom CPM, PSM plugins if required. 7. Support application onboarding, including access policies, group assignments, and role management. 8. Communicate effectively with business teams, external clients, and solution providers. 9. Document technical designs, solutions, and implementation plans. 10. Work independently and take ownership of technical deliverables. Professional & Technical Skills: 1. Strong experience in CyberArk P-cloud, Conjur Secrets Management, CyberArk PAM-Vault, CPM, PVWA, AAM 2. Solid understanding of security standards and protocols including SSO, MFA, SAML, OAuth, OIDC, LDAP, RADIUS, and Kerberos. 3. Proficient in CyberArk and related technologies. Experience in system administration, scripting UNIX, Linux scripting, Rest API, LDAP directories, Active Directory 4. Experience in providing guidance in CyberArk strategy; must have PAM deep dive experience. 5. Strong understanding of PAM Architecture, deployment methodologies and best practices. 6. Effective at presenting information to different audiences at the correct level of detail e.g. 
from engineering teams to executive management. 7. Be a product and domain expert in PAM domain experienced in conducting environment assessments and health checks in line with best practices. 8. Strong troubleshooting and problem-solving skills. 9. Experience in EPM is desirable but not mandatory 10. Excellent verbal and written communication skills. 11. Ability to work independently on technical tasks and client engagements. 12. Candidate must be an independent self-starter able to perform all deployment activities with oversight and as a member of a project team. 13. Candidate must have Sentry Certification. Nice to have CyberArk CDE 14. Good to Have Skills Thycotic Delinea, Beyond Trust, HashiCorp Vault Additional Information: 1. 9+ years experience related to designing, deploying, and configuring PAM solutions, or 6+ years direct PAM consulting experience. 2. Candidate must have completed 16 years of full-time education. 3. This position is open to all Accenture locations.
Posted 1 day ago
7.0 years
0 Lacs
Gurugram, Haryana, India
Remote
Colt provides network, voice and data centre services to thousands of businesses around the world, allowing them to focus on delivering their business goals instead of the underlying infrastructure. Why we need this role This role is critical to protecting both internal telecom infrastructure and customer-facing security services. It ensures the secure deployment and management of technologies across backbone, edge, and cloud environments, while supporting the delivery and integration of managed security solutions for customers. The role plays a key part in incident response, vulnerability management, and maintaining robust security standards. By collaborating across engineering, operations, and product teams, it helps embed security into every layer of the network and service lifecycle, ensuring resilience, compliance, and customer trust. What You Will Do Security Product Engineering (Customer-Facing Focus) Support deployment and integration of customer security products such as managed firewalls, SD-WAN, SASE platforms, and DDoS mitigation solutions. Perform configuration, troubleshooting, and tuning of security services in customer environments. Assist in onboarding, proof-of-concept testing, and support transitions to operations for customer security services. Work with solution architects to operationalize and maintain secure design patterns and templates. Infrastructure Security (Internal Focus) Deploy and manage security technologies across the telecom backbone, edge, and data centre infrastructure (e.g., firewalls, IDS/IPS, SIEM, PAM, NAC). Collaborate with network and systems teams to secure IP/MPLS transport, SDN platforms, automation tools, and cloud workloads. Monitor and analyse security events and alerts, responding to incidents and escalating as appropriate. Assist with vulnerability assessments, patch management validation, and configuration hardening. Document and maintain infrastructure security standards, configurations, and runbooks. 
Support & Collaboration Participate in security incident response, root cause analysis, and remediation efforts. Provide input on threat modelling, security testing, and design reviews for internal and external services. Stay current on security threats, tooling, and telecom-relevant vulnerabilities. Collaborate cross-functionally with engineering, operations, product, and customer support teams. What We're Looking For Must haves 3–7 years of experience in security engineering and/or network engineering Solid understanding of TCP/IP, routing, firewalls, VPN, and network segmentation principles. Hands-on experience with security tools such as firewalls (Fortinet, Palo Alto, etc.), SIEM/SOAR, IDS/IPS, EDR, or vulnerability scanners. Familiarity with Linux, scripting (Python, Bash), and infrastructure-as-code concepts. Knowledge of secure configuration standards (e.g., CIS benchmarks) and common protocols (e.g., BGP, DNS, SNMP). Might haves Experience supporting or delivering telecom or ISP infrastructure. Exposure to customer-facing security services or managed security environments. Familiarity with regulatory and industry standards (e.g., NIST, ISO 27001, UK TSA). Certifications such as Security+, GSEC, GCIA, or equivalent are a plus. Telecom or carrier experience strongly preferred Skills Cyber Security Architecture IT Architecture Methodologies Cyber Security Tools/Products Cyber Security Planning Security Compliance Education A Master's or Bachelor's degree such as Computer Science, Information Security or related field What We Offer You Looking to make a mark? At Colt, you’ll make a difference. Because around here, we empower people. We don’t tell you what to do. Instead, we employ people we trust, who come together across the globe to create intelligent solutions. 
Our global teams are full of ambitious, driven people, all working together towards one shared purpose: to put the power of the digital universe in the hands of our customers wherever, whenever and however they want. We give our people the opportunity to inspire and lead teams, and work on projects that connect people, cities, businesses, and ideas. We want you to help us change the world, for the better. Diversity and inclusion Inclusion and valuing diversity of thought and experience are at the heart of our culture here at Colt. From day one, you’ll be encouraged to be yourself because we believe that’s what helps our people to thrive. We welcome people with diverse backgrounds and experiences, regardless of their gender identity or expression, sexual orientation, race, religion, disability, neurodiversity, age, marital status, pregnancy status, or place of birth. Most Recently We Have Signed the UN Women Empowerment Principles which guide our Gender Action Plan Trained 60 (and growing) Colties to be Mental Health First Aiders Please speak with a member of our recruitment team if you require adjustments to our recruitment process to support you. For more information about our Inclusion and Diversity agenda, visit our DEI pages. Benefits Our benefits support you through all parts of life, for both physical and mental health. Flexible working hours and the option to work from home. Extensive induction program with experienced mentors and buddies. Opportunities for further development and educational opportunities. Global Family Leave Policy. Employee Assistance Program. Internal inclusion & diversity employee networks. A global network When you join Colt you become part of our global network. We are proud of our colleagues and the stories and experience they bring – take a look at ‘Our People’ site including our Empowered Women in Tech.
Posted 1 day ago
2.0 - 3.0 years
0 - 0 Lacs
noida
On-site
Location: Noida Experience: 2 - 3 Years Notice Period: Immediate to 15 Days About the Role As a SOC Analyst at NCG, you will play a pivotal role in safeguarding our digital assets and ensuring the integrity of our information systems. Your expertise will directly contribute to the success of our organization by proactively identifying, analyzing, and responding to security incidents. You will be part of a collaborative team of 15 dedicated professionals, reporting directly to the SOC Manager. You will also provide guidance and training to junior SOC analysts, fostering a culture of learning and professional growth within the team. Key Responsibilities Continuously analyze security events and alerts from various sources, including SIEM tools, to identify potential threats and vulnerabilities. Lead the investigation and response to security incidents, coordinating with cross-functional teams to ensure timely resolution and documentation. Conduct in-depth analysis of security incidents and trends, providing actionable insights to improve our security strategies and defenses. Collaborate with the security team to develop and refine security policies, procedures, and best practices to enhance organizational security. Provide guidance and training to junior SOC analysts, fostering a culture of learning and professional growth within the team. Work closely with IT, compliance, and risk management teams to ensure alignment on security initiatives and incident response protocols. You Might Be Our Ideal Match If You: Hold a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Have 2–3 years of experience in a Security Operations Center (SOC) or similar role. Possess proficiency in SIEM tools (e.g., Splunk, ArcSight) and incident response platforms. Demonstrate strong written and verbal communication skills, with the ability to present complex information clearly and concisely. 
Have proven leadership abilities, with experience in mentoring and developing team members. Exhibit excellent problem-solving and analytical thinking skills, with a keen attention to detail. Education Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Why You'll Love Working With Us NCG (NetConnect Global) is a leading digital transformation, engineering, and professional services company that partners with global enterprises and technology global companies to deliver cutting-edge, future-ready solutions. Since 1997, NCG has been enabling organizations to reimagine their business models and operations through innovative digitalization strategies. NCG specializes in: Cloud and Infrastructure Solutions: Scalable, secure, and resilient IT environments tailored to modern enterprise needs. Cybersecurity: End-to-end protection across networks, data, and applications, guided by global compliance and risk frameworks. Artificial Intelligence & Machine Learning (AI/ML): Custom AI models, automation, and intelligent systems to drive smarter decision-making. Advanced Data Analytics: Data-driven insights through modern analytics, visualization, and data engineering platforms. The company is Great Place to Work Certified, backed by a strong workforce of over 2,000+ full-time employees and a global alumni network exceeding 22,000 professionals. NCG is committed to operational excellence and ethical standards, demonstrated through its: ISO Certification for quality management and service delivery RBA Certification aligning with the Responsible Business Alliance code of conduct CyberVadis Rating validating its strong posture in cybersecurity and data governance By blending deep domain expertise with a people-centric and innovation-driven approach, NCG continues to shape the future of digital enterprises worldwide. Benefits At NCG, we believe that taking care of our people is the foundation of everything we do. 
That's why we've built a comprehensive benefits package designed to support you and your family through every stage of life. Family First Benefits Growing Your Family We've got you covered! New mothers receive a generous 6 months of fully paid maternity leave to bond with their little ones. And for new dads, we provide 5 days of paid paternity leave because those early moments matter. Health & Wellness Protection Your Health is Our Priority. We provide robust medical coverage starting from your very first day: Group Medical Insurance: Eligible employees receive comprehensive medical insurance coverage Family Coverage: Add your spouse, up to 2 children, and parents to your policy. Choose from multiple coverage options based on your family's needs Flexible Treatment Options: Get cashless treatment at network hospitals or claim reimbursements for treatment anywhere else ESIC Benefits: We provide comprehensive social security coverage including medical benefits, disability support, and more
Posted 1 day ago
130.0 years
0 Lacs
Pune, Maharashtra, India
On-site
About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Major Duties | Key Responsibilities: Serve as the senior team leader/member of APAC Security Operations and be an integral part of Northern Trust security organization's first line of defense. Execute global/regional strategy and support the objectives of the Global/APAC Head of Security Operations (a direct report to NT’s Management Group) Lead/Drive NT's SOC/CIRT operations in US time zone from Pune office; remediate cyber security incidents leveraging various tools/applications, within the timeframes defined by applicable service level agreements (SLAs). Ensure Tier 1 technical support for NTC3 controlled technologies. Identify and/or develop opportunities for workflow automation. Advise regional leader/manager with tactical/strategic/operational assistance/guidance to achieve mission objectives specific to security operations. Assist and/or train ‘Security Operations’ analysts manning the incident queue. Provide them with technical training and workshops on using in-house SIEM/SecOps tools and technologies while introducing new content, alerts and data sources. Ensure tracking of defined KPIs (Strategic, Operational, Tactical-Mean time to detect (MTTD) | Mean time to respond (MTTR) | Partner Engagement Score) in order to measure improvements, enrich incidents and continuously evaluate responses. 
Create and update operational cyber security workflows, technical internal documentation and team management tasks (Rostering etc.) Willingly and effectively collaborates with partners from other regions while documenting and sharing the outcome with local partners. Stay updated on emerging threats and vulnerabilities. Skills Excellent spoken and written communication skills, integrity and professional ethics. Should have knowledge of ITIL processes, ticketing system/management tools. Expected to have good knowledge/hands-on experience in security/cloud platforms/technologies. Candidate with knowledge of Azure platform preferred. Qualifications | Experience: A College or University degree and/or relevant proven work experience in the area of Information Security / software development is required. 10-12 years of hands-on technical work experience. Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. 
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
Posted 1 day ago
2.0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
The Associate Threat Analyst will provide intrusion/incident monitoring and detection utilizing customer provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analyst to service customers through our Managed Detection and Response offering. How You’ll Make An Impact Analyze, document and report on potential security incidents identified in customer environments. Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Provide triage on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc. Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats Provide ongoing recommendations to customers on best practices Actively research current threats and attack vectors being exploited in the wild Utilize defined SOP’s and KB’s Performs other duties as assigned Complies with all policies and standards What We’re Looking For Less than 2 years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.). 
required Desire to gain full-time professional experience in the Information Security field Excellent time management, reporting, communication skills, and ability to prioritize work Ability to generate comprehensive written reports and recommendations Write professional emails Previous experience as a point of escalation in a technical environment Customer interactions and working through various issues Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV Ability to work customer’s environments to report on critical security events Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem Queue management Data analysis using SIEM, Database tools such as Elastic, and Excel Experience troubleshooting security, network, and/or endpoints IDS monitoring/analysis with tools such as Sourcefire and Snort Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk) Familiarity with web-based attacks and the OWASP Top 10 at a minimum Attack vectors and exploitation Mitigation, Active Directory Direct (E.g. SQL Injection) versus indirect (E.g. 
cross-site scripting) attacks Familiarity with SANS top 20 critical security controls Understand the foundations of enterprise Windows security including: Windows security architecture and terminology Common system hardening best practices Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS) Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro Ability to identify common false positives and make suggestions on tuning Malware, Denial of Service Attacks, Brute force attacks Understanding of base malware propagation and attack vectors Propagation of malware in enterprise environments Experience with malware protection tools such as FireEye a plus. Understanding of malware mitigation controls in an enterprise environment. Network Based Attacks / System Based Attacks Familiarity with vulnerability scoring systems such as CVSS Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks Eligibility to obtain security clearance Shift flexibility, including the ability to provide on call support when needed This role is Work from Office and 24/7 shifts What You Can Expect From Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups. Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer. 
All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
Posted 1 day ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
About Deutsche Börse Group: Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and companies by facilitating access to global capital markets. Their India centre is located in Hyderabad, serves as a key strategic hub and comprises India’s top-tier tech talent. They focus on crafting advanced IT solutions that elevate market infrastructure and services. Deutsche Börse Group in India is composed of a team of capital market engineers forming the backbone of financial markets worldwide. Purple Teaming Specialist Your career at Deutsche Börse Group: The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity, and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000-series on the Information Security Management System. Your area of work: Cyber Defense Framework team operates in strict cooperation with CERT, SOC, Threat Intelligence and Cyber Analytics teams (responsible for SIEM use case implementation). Cyber Defense Framework team is responsible for a wide range of essential tasks, including defining comprehensive requirements, setting strategic goals, and conducting maturity evaluations to enhance our threat detection capabilities. This includes Roadmap definition, Purple Teaming, Internal Red Teaming, Threat Modeling and Threat Management structured against MITRE. We are looking for a Security Engineer (Offensive Security) to enhance our efforts in Purple Teaming, Internal Red Teaming and Threat Modeling. 
The ideal candidate will have a deep understanding of attack scenarios and a strong background in leveraging real-world cyber attacks in a secure manner. You will work closely with security teams to analyse attack trends, emulate cybersecurity attacks and optimize monitoring rules. Your responsibilities: Assess the organization’s security posture against evolving threats and propose enhancements Drive further improvements for breach and attack simulation efforts Understand threat scenarios and threat actor approach to perform red team/penetration testing exercises and suggest remediations and support closures Threat actor profiling and understanding operations of threat actors Transpose defensive strategies and relevant threat hunting from threat actor’s attack approach Understand how external attacks happen and support remediation of external threats Develop and refine detection use cases based on MITRE ATT&CK and real-world attack scenarios Collaborate with Red and Blue Teams to continuously refine detection and response strategies Your profile: Previous experience in a penetration testing or red team role is considered a strong asset as well as involvement in threat detection investigations Solid IT Security technical background and broad knowledge of IT and Information Security technologies especially in the frame of threat detection and security monitoring (e.g. SIEM, EDR, Cloud Security) Solid understanding of cyber threats and appropriate detection measures Familiar with threat-informed cyber defense, esp. using MITRE ATT&CK framework Deliverable-oriented, with strong problem-solving skills and adaptation to complex and highly regulated environments Team player willing to cooperate with multiple colleagues across office locations Good report-writing skills to present the results of an attack simulation Scripting skills (e.g. 
Python, Bash, Perl) is considered a strong asset Technical certification in the area of Red Teaming/Penetration Testing/Purple Teaming or Threat Hunting (e.g. GIAC, OSCP, CEH, etc.) are considered as a strong asset. Familiarity with cloud security and performing security assessments in GCP, Azure, and AWS. Proficiency in written and spoken English; French/German language skills will be an asset
Posted 1 day ago
0 years
0 Lacs
Navi Mumbai, Maharashtra, India
On-site
We deliver the world’s most complex projects Work as part of a collaborative and inclusive team Enjoy a varied & challenging role Building on our past. Ready for the future Worley is a global professional services company of energy, chemicals and resources experts headquartered in Australia. Right now, we’re bridging two worlds as we accelerate to more sustainable energy sources, while helping our customers provide the energy, chemicals and resources that society needs now. We partner with our customers to deliver projects and create value over the life of their portfolio of assets. We solve complex problems by finding integrated data-centric solutions from the first stages of consulting and engineering to installation and commissioning, to the last stages of decommissioning and remediation. Join us and help drive innovation and sustainability in our projects. The Role As a Senior Cyber Security Analyst with Worley, you will work closely with our existing team to deliver projects for our clients while continuing to develop your skills and experience etc. We are seeking a Senior Cyber Security Analyst -a Subject Matter Expert (SME)- to join our Information Security team. The ideal candidate will be responsible for designing, implementing, monitoring, reacting, and reporting on information security events within the DLP scope. Additionally, the role includes managing security tools and IT systems with a special focus on DLP enablement. DLP Strategy & Policy Design Serve as a Subject Matter Expert (SME) for DLP solutions, technologies, and best practices. Design, implement, and optimize DLP policies to detect and prevent unauthorized access, sharing, and data exfiltration. Define and maintain DLP governance frameworks, aligning with regulatory requirements Identify sensitive data requiring protection across endpoints, cloud, email, and network. Implementation & Configuration Deploy and configure DLP controls to monitor, alert, and block potential data leaks. 
Define and enforce DLP rules for structured & unstructured data, including Personally Identifiable Information (PII), Intellectual Property (IP), and financial data. Integrate DLP solutions with other security tools. Monitoring & Continuous Improvement Monitor and analyze DLP alerts and incidents, identifying trends and areas for improvement. Ensure DLP alerts and incidents get routed to monitoring/response processes in accordance with defined internal procedures. Perform regular tuning and updates to enhance detection accuracy and reduce false positives. Develop automated response actions to mitigate risks and ensure business continuity. Compliance & Stakeholder Collaboration Ensure compliance with data protection regulations and industry security standards. Collaborate with cross-functional teams to resolve complex technical issues and to align DLP policies with business needs. Provide guidance and training to employees on DLP policies, security best practices, and insider threat awareness. Reporting & Documentation Define and generate DLP metrics supporting the reporting needs across the organization. Document DLP configurations, policies, and operational procedures. Provide technical recommendations to enhance data security strategies. About You To be considered for this role it is envisaged you will possess the following attributes: Ability to balance security measures with business needs A proactive approach to identifying and mitigating data loss risks before they become security incidents Proven experience with DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, McAfee/Trellix, Digital Guardian, Zscaler). Strong knowledge of DLP policies, rules, content inspection techniques, and data classification models. Experience working with cloud-based DLP (e.g., CASB, SaaS security, O365 DLP, Google Workspace DLP) Understanding of network security, endpoint security, and encryption techniques. 
Familiarity with SIEM, SOC workflows, and incident response processes. Moving forward together We want our people to be energized and empowered to drive sustainable impact. So, our focus is on a values-inspired culture that unlocks brilliance through belonging, connection and innovation. We’re building a diverse, inclusive and respectful workplace. Creating a space where everyone feels they belong, can be themselves, and are heard. And we're not just talking about it; we're doing it. We're reskilling our people, leveraging transferable skills, and supporting the transition of our workforce to become experts in today's low carbon energy infrastructure and technology. Whatever your ambition, there’s a path for you here. And there’s no barrier to your potential career success. Join us to broaden your horizons, explore diverse opportunities, and be part of delivering sustainable change. Worley takes personal data protection seriously and respects EU and local data protection laws. You can read our full Recruitment Privacy Notice Here. Please note: If you are being represented by a recruitment agency you will not be considered, to be considered you will need to apply directly to Worley. Company Worley Primary Location IND-MM-Mumbai Other Locations IND-KR-Bangalore, IND-AP-Hyderabad, IND-MM-Pune, IND-MM-Navi Mumbai Job Cyber Security Schedule Full-time Employment Type Employee Job Level Experienced Job Posting Jul 14, 2025 Unposting Date Aug 13, 2025 Reporting Manager Title Manager
Posted 1 day ago
0 years
0 Lacs
Mambalam, Tamil Nadu, India
On-site
Job Description Education : Bachelor’s or master’s degree in computer science, information systems, cybersecurity or a related field. Security And Technical Experience The security architect should have direct, documented and verifiable experience with the following: Experience in using architecture methodologies such as SABSA, Zachman and TOGAF Direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology Verifiable experience reviewing application code for security vulnerabilities Direct, hands-on experience using vulnerability management tools Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services Full-stack knowledge of IT infrastructure: Applications Databases Operating systems (Windows, UNIX and Linux) Hypervisors IP networks (WAN, LAN) Storage networks (Fibre Channel, iSCSI and network-attached storage) Backup networks and media Direct experience designing IAM technologies and services (e.g., Active Directory, LDAP, Amazon Web Services’ [AWS’] IAM) Strong working knowledge of IT service management (e.g., ITIL-related disciplines): Change management Configuration management Asset management Incident management Problem management Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure) Industry And Regulatory Experience The security architect is expected to have documented experience with the following: Regulations, Standards And Frameworks Payment Card Industry’s Data Security Standard (PCI-DSS) Health Insurance Portability and Accountability Act (HIPAA)/Health Information Technology for Economic and Clinical Health (HITECH) Validated Systems (e.g., Good Automated Manufacturing Practice [GAMP]) Sarbanes-Oxley Act General Data Protection Regulation (GDPR) Privacy Principles (best practices) International Organization 
for Standardization (ISO) 27001/2 National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) International Traffic in Arms Regulations (ITAR) Industry, Market Or Sector Experience Manufacturing Automotive Business-Related Skills The security architect at a midsize organization is expected to contribute his/her insights not only to colleagues within the security team and the CISO, but also to colleagues within IA, risk management and other line-of-business teams. To ensure that security-related matters are adequately conveyed, the following skills are required: Strategic planning skills — The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers. Communication skills — The security architect will be required to translate complex security-related matters into business terms that are readily understood by the CISO and line-of-business colleagues. The security architect should anticipate presenting his or her analysis both in person and in written formats. Financial analysis — As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation or the ROI, or payback period for services or technologies that are replacing existing capabilities. Project management — Security services and technology implementations will require solid project management skills. The security architect will be expected to draft project plans for security service and technology deployments, and coordinate with stakeholders across the organization. Required Certifications The security architect will evidence his or her knowledge of security and risk management through ongoing continuing professional education. 
The ideal candidate will maintain one or more of the following certifications: ISC2’s CISSP, ISACA’s CISM, ISACA’s CISA, The Open Group’s TOGAF, SANS’ GIAC, IAPP’s CIPT
Posted 1 day ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
We deliver the world’s most complex projects Work as part of a collaborative and inclusive team Enjoy a varied & challenging role Building on our past. Ready for the future Worley is a global professional services company of energy, chemicals and resources experts headquartered in Australia. Right now, we’re bridging two worlds as we accelerate to more sustainable energy sources, while helping our customers provide the energy, chemicals and resources that society needs now. We partner with our customers to deliver projects and create value over the life of their portfolio of assets. We solve complex problems by finding integrated data-centric solutions from the first stages of consulting and engineering to installation and commissioning, to the last stages of decommissioning and remediation. Join us and help drive innovation and sustainability in our projects. The Role As a Senior Cyber Security Analyst with Worley, you will work closely with our existing team to deliver projects for our clients while continuing to develop your skills and experience etc. We are seeking a Senior Cyber Security Analyst -a Subject Matter Expert (SME)- to join our Information Security team. The ideal candidate will be responsible for designing, implementing, monitoring, reacting, and reporting on information security events within the DLP scope. Additionally, the role includes managing security tools and IT systems with a special focus on DLP enablement. DLP Strategy & Policy Design Serve as a Subject Matter Expert (SME) for DLP solutions, technologies, and best practices. Design, implement, and optimize DLP policies to detect and prevent unauthorized access, sharing, and data exfiltration. Define and maintain DLP governance frameworks, aligning with regulatory requirements Identify sensitive data requiring protection across endpoints, cloud, email, and network. Implementation & Configuration Deploy and configure DLP controls to monitor, alert, and block potential data leaks. 
Define and enforce DLP rules for structured & unstructured data, including Personally Identifiable Information (PII), Intellectual Property (IP), and financial data. Integrate DLP solutions with other security tools. Monitoring & Continuous Improvement Monitor and analyze DLP alerts and incidents, identifying trends and areas for improvement. Ensuring DLP alerts and incidents get routed to monitoring/response processes in accordance with defined internal procedures Perform regular tuning and updates to enhance detection accuracy and reduce false positives. Develop automated response actions to mitigate risks and ensure business continuity. Compliance & Stakeholder Collaboration Ensure compliance with data protection regulations and industry security standards. Collaborate with cross-functional teams to resolve complex technical issues and to align DLP policies with business needs. Provide guidance and training to employees on DLP policies, security best practices, and insider threat awareness. Reporting & Documentation Define and generate DLP metric supporting the reporting needs across the organization Document DLP configurations, policies, and operational procedures. Provide technical recommendations to enhance data security strategies. About You To be considered for this role it is envisaged you will possess the following attributes: Ability to balance security measures with business needs A proactive approach to identifying and mitigating data loss risks before they become security incidents Proven experience with DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, McAfee/Trellix, Digital Guardian, Zscaler). Strong knowledge of DLP policies, rules, content inspection techniques, and data classification models. Experience working with cloud-based DLP (e.g., CASB, SaaS security, O365 DLP, Google Workspace DLP) Understanding of network security, endpoint security, and encryption techniques. 
Familiarity with SIEM, SOC workflows, and incident response processes. Moving forward together We want our people to be energized and empowered to drive sustainable impact. So, our focus is on a values-inspired culture that unlocks brilliance through belonging, connection and innovation. We’re building a diverse, inclusive and respectful workplace. Creating a space where everyone feels they belong, can be themselves, and are heard. And we're not just talking about it; we're doing it. We're reskilling our people, leveraging transferable skills, and supporting the transition of our workforce to become experts in today's low carbon energy infrastructure and technology. Whatever your ambition, there’s a path for you here. And there’s no barrier to your potential career success. Join us to broaden your horizons, explore diverse opportunities, and be part of delivering sustainable change. Worley takes personal data protection seriously and respects EU and local data protection laws. You can read our full Recruitment Privacy Notice Here. Please note: If you are being represented by a recruitment agency you will not be considered, to be considered you will need to apply directly to Worley. Company Worley Primary Location IND-MM-Mumbai Other Locations IND-KR-Bangalore, IND-AP-Hyderabad, IND-MM-Pune, IND-MM-Navi Mumbai Job Cyber Security Schedule Full-time Employment Type Employee Job Level Experienced Job Posting Jul 14, 2025 Unposting Date Aug 13, 2025 Reporting Manager Title Manager
Posted 1 day ago
4.0 years
0 Lacs
India
Remote
Job Role: Sr. Cyber Security Engineer (L3)
Type: Full Time
Location: Remote

Intraedge is seeking a seasoned Cybersecurity Engineer on behalf of its financial domain client to support advanced threat detection, data-driven defense, and automation within a cloud-first, consumer-centric environment. This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the enterprise.

Key Responsibilities
* Design, implement, and manage enterprise SIEM (Splunk) solutions for centralized log analysis and real-time event monitoring.
* Develop and fine-tune correlation rules, alerts, dashboards, and use cases to detect anomalous and malicious activity.
* Lead data ingestion and normalization from varied enterprise systems (e.g., cloud workloads, endpoints, network devices).
* Develop and maintain SOAR playbooks to automate incident detection, triage, response, and recovery.
* Optimize SOAR workflows and integrations with security infrastructure to reduce MTTD/MTTR.
* Build and apply machine learning models to identify security anomalies, enrich event context, and predict threats.
* Collaborate with Security Operations Center (SOC), DevOps, IT, and business units to align security automation with business goals.
* Analyze incident data to uncover trends and provide recommendations for improving controls and detection.
* Maintain detailed documentation for playbooks, integrations, automation processes, and incident response protocols.
* Stay abreast of industry trends and emerging tools to continually advance detection and automation strategies.
* Mentor junior engineers and assist in promoting SOAR and SIEM best practices across the team.

Required Qualifications
* 4+ years of experience in cybersecurity engineering, including SIEM (Splunk), SOAR, and machine learning-based threat detection.
* 3+ years of experience in security automation using platforms such as Splunk SOAR, XSOAR, Swimlane, or similar.
* 3+ years in cyber data engineering or analytics: log processing, enrichment, and telemetry pipelines.
* Expertise in scripting languages like Python and PowerShell, and using REST APIs for integrations.
* Proven experience designing and deploying security automation workflows in enterprise environments.
* Bachelor's degree in Computer Science, Information Security, Engineering, or related field, or equivalent experience.
* Ability to troubleshoot complex security issues and integrate with diverse platforms.
* Strong communication and collaboration skills to work with technical and non-technical stakeholders.

Preferred Qualifications
* Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.
* Familiarity with cloud-native security tooling, telemetry pipelines, and serverless security design patterns.
* Experience working within Agile environments and cross-functional DevSecOps teams.
* Knowledge of change management processes, compliance frameworks (e.g., NIST, ISO), and regulatory constraints in financial services.
Posted 1 day ago
3.0 - 7.0 years
3 - 8 Lacs
Hyderābād
Remote
Threat Hunter 2 Hyderabad, Telangana, India Date posted Jul 31, 2025 Job number 1854813 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. 
Qualifications Graduate degree in engineering or equivalent discipline. 3–7 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Proficiency in KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Responsibilities Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.) Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network. Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. Industry leading healthcare Educational resources Discounts on products and services Savings and investments Maternity and paternity leave Generous time away Giving programs Opportunities to network and connect Microsoft is an equal opportunity employer. 
All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Posted 1 day ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
We deliver the world’s most complex projects Work as part of a collaborative and inclusive team Enjoy a varied & challenging role Building on our past. Ready for the future Worley is a global professional services company of energy, chemicals and resources experts headquartered in Australia. Right now, we’re bridging two worlds as we accelerate to more sustainable energy sources, while helping our customers provide the energy, chemicals and resources that society needs now. We partner with our customers to deliver projects and create value over the life of their portfolio of assets. We solve complex problems by finding integrated data-centric solutions from the first stages of consulting and engineering to installation and commissioning, to the last stages of decommissioning and remediation. Join us and help drive innovation and sustainability in our projects. The Role As a Senior Cyber Security Analyst with Worley, you will work closely with our existing team to deliver projects for our clients while continuing to develop your skills and experience etc. We are seeking a Senior Cyber Security Analyst -a Subject Matter Expert (SME)- to join our Information Security team. The ideal candidate will be responsible for designing, implementing, monitoring, reacting, and reporting on information security events within the DLP scope. Additionally, the role includes managing security tools and IT systems with a special focus on DLP enablement. DLP Strategy & Policy Design Serve as a Subject Matter Expert (SME) for DLP solutions, technologies, and best practices. Design, implement, and optimize DLP policies to detect and prevent unauthorized access, sharing, and data exfiltration. Define and maintain DLP governance frameworks, aligning with regulatory requirements Identify sensitive data requiring protection across endpoints, cloud, email, and network. Implementation & Configuration Deploy and configure DLP controls to monitor, alert, and block potential data leaks. 
Define and enforce DLP rules for structured & unstructured data, including Personally Identifiable Information (PII), Intellectual Property (IP), and financial data. Integrate DLP solutions with other security tools. Monitoring & Continuous Improvement Monitor and analyze DLP alerts and incidents, identifying trends and areas for improvement. Ensuring DLP alerts and incidents get routed to monitoring/response processes in accordance with defined internal procedures Perform regular tuning and updates to enhance detection accuracy and reduce false positives. Develop automated response actions to mitigate risks and ensure business continuity. Compliance & Stakeholder Collaboration Ensure compliance with data protection regulations and industry security standards. Collaborate with cross-functional teams to resolve complex technical issues and to align DLP policies with business needs. Provide guidance and training to employees on DLP policies, security best practices, and insider threat awareness. Reporting & Documentation Define and generate DLP metric supporting the reporting needs across the organization Document DLP configurations, policies, and operational procedures. Provide technical recommendations to enhance data security strategies. About You To be considered for this role it is envisaged you will possess the following attributes: Ability to balance security measures with business needs A proactive approach to identifying and mitigating data loss risks before they become security incidents Proven experience with DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, McAfee/Trellix, Digital Guardian, Zscaler). Strong knowledge of DLP policies, rules, content inspection techniques, and data classification models. Experience working with cloud-based DLP (e.g., CASB, SaaS security, O365 DLP, Google Workspace DLP) Understanding of network security, endpoint security, and encryption techniques. 
Familiarity with SIEM, SOC workflows, and incident response processes. Moving forward together We want our people to be energized and empowered to drive sustainable impact. So, our focus is on a values-inspired culture that unlocks brilliance through belonging, connection and innovation. We’re building a diverse, inclusive and respectful workplace. Creating a space where everyone feels they belong, can be themselves, and are heard. And we're not just talking about it; we're doing it. We're reskilling our people, leveraging transferable skills, and supporting the transition of our workforce to become experts in today's low carbon energy infrastructure and technology. Whatever your ambition, there’s a path for you here. And there’s no barrier to your potential career success. Join us to broaden your horizons, explore diverse opportunities, and be part of delivering sustainable change. Worley takes personal data protection seriously and respects EU and local data protection laws. You can read our full Recruitment Privacy Notice Here. Please note: If you are being represented by a recruitment agency you will not be considered, to be considered you will need to apply directly to Worley. Company Worley Primary Location IND-MM-Mumbai Other Locations IND-KR-Bangalore, IND-AP-Hyderabad, IND-MM-Pune, IND-MM-Navi Mumbai Job Cyber Security Schedule Full-time Employment Type Employee Job Level Experienced Job Posting Jul 14, 2025 Unposting Date Aug 13, 2025 Reporting Manager Title Manager
Posted 1 day ago
5.0 years
0 Lacs
Hyderābād
On-site
Job requisition ID :: 86003 Date: Jul 31, 2025 Location: Hyderabad Designation: Deputy Manager Entity: Deloitte South Asia LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile We are looking for an experienced Security Operations L3 Engineer to provide advanced-level support in monitoring, detecting, and responding to cybersecurity incidents. The L3 engineer will act as a senior escalation point, performing detailed threat analysis, handling complex incidents, and providing guidance to junior SOC team members. The ideal candidate will have deep expertise in incident response, threat hunting, and security monitoring tools, along with the ability to lead investigations and contribute to process improvements. Key Responsibilities: Incident Response (IR): Lead investigations and respond to advanced security incidents, providing root cause analysis, containment, eradication, and recovery recommendations. Threat Hunting: Proactively hunt for and analyze potential threats within the organization’s environment using SIEM tools, EDR, and threat intelligence feeds. 
Triage & Escalation: Act as the final escalation point for unresolved security incidents, assisting L1 and L2 teams with incident analysis and decision-making. Security Monitoring: Continuously monitor security tools (SIEM, EDR, IDS/IPS, etc.) to identify malicious activities, patterns, and anomalies. Forensic Analysis: Perform digital forensics and malware analysis on compromised systems to identify the nature of attacks and minimize future risks. SIEM Management: Tune and enhance SIEM rules, alerts, and dashboards to optimize detection capabilities and reduce false positives. Threat Intelligence Integration: Integrate and apply threat intelligence data to enrich detection capabilities and provide context to ongoing threats and incidents. Vulnerability Management: Collaborate with IT and security teams to assess and address vulnerabilities, ensuring timely patching and remediation. Process Improvement: Contribute to the development of incident response playbooks, procedures, and best practices to streamline SOC operations and improve response times. Mentorship & Training: Provide guidance and mentorship to L1 and L2 SOC analysts, conducting regular training sessions to enhance team capabilities. Reporting & Documentation: Produce detailed reports and metrics on incidents, threat activity, and overall SOC performance for both technical and executive audiences. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in security operations, with at least 2 years in an L3 or senior-level role. Strong hands-on experience in security monitoring, incident response, and threat hunting. Proficiency with SIEM tools (QRadar, Splunk, ArcSight, etc.), EDR solutions, and other security monitoring tools. Expertise in network security, malware analysis, intrusion detection, and digital forensics. Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response. 
Preferred Certifications: CISSP, CISM, GCIH, GCFA, or other relevant cybersecurity certifications. Certification in specific SIEM platforms (e.g., IBM QRadar, Splunk). How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. 
To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 1 day ago
5.0 years
3 - 8 Lacs
Hyderābād
On-site
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Senior Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. 
Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Senior Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Lead and execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. 
Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 5+ years of relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated expertise in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. 
Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Posted 1 day ago
3.0 years
3 - 8 Lacs
Hyderābād
On-site
Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The Defender Experts (DEX) Research team is at the forefront of Microsoft’s threat protection strategy, combining world-class hunting expertise with AI-driven analytics to protect customers from advanced cyberattacks. Our mission is to move protection left—disrupting threats early, before damage occurs—by transforming raw signals into intelligence that powers detection, disruption, and customer trust. We’re looking for a passionate and curious Threat Researcher to join this high-impact team. In this role, you will collaborate closely with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats that impact both Microsoft and third-party products. Leveraging a deep understanding of multi-cloud environments and diverse security architectures, you will develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel. 
Your research will directly contribute to the development of real-time protections for enterprises worldwide, ensuring comprehensive coverage across cloud platforms and strengthening the security posture of organizations leveraging a heterogeneous mix of technologies. This is a unique opportunity to work at scale, tackle complex cloud security challenges, and shape the evolution of threat research within Microsoft Security. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are seeking a Threat Researcher with a deep passion for advancing cloud security and a proven track record in high-throughput, multi-tenant environments. The successful candidate will demonstrate expertise in designing and deploying advanced detection engineering solutions—including Sentinel playbooks, workbooks, analytical rules, and custom detections. In this pivotal role, you will drive advanced research on emerging threats, architect innovative detection and response solutions, and play a key role in enhancing Microsoft Security’s capabilities to anticipate, detect, and disrupt sophisticated attacks across complex, heterogeneous cloud ecosystems. Responsibilities include: Execute advanced research on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments. Develop and refine detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. 
Collaborate with internal and external security teams to implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response. Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base. Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems. Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud. Qualifications 3+ years relevant experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for SIEM platforms. Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments. Demonstrated experience in developing and refining detection and response strategies leveraging major SIEM platforms, with a strong emphasis on Microsoft Sentinel, to provide comprehensive threat coverage and response capabilities. Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as an understanding of multi-cloud security challenges and solutions. Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments. Proven ability to work independently and deliver complete solutions. Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams. Microsoft is an equal opportunity employer. 
Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.
Posted 1 day ago
2.0 years
7 Lacs
Cochin
On-site
Job Title: SOC L2 Analyst Location: Kochi, Kerala Department: Information Security / Cybersecurity Operations Employment Type: Full-time Job Summary We are seeking a skilled and proactive SOC Level 2 Analyst to join our Cybersecurity Operations team in Kochi. The ideal candidate will have a strong background in Threat Intelligence and Log Analysis , with the ability to detect, investigate, and respond to advanced security threats. You will work closely with L1 SOC Analysts, Incident Response, and Threat Hunting teams to ensure rapid detection and mitigation of security incidents. Key Responsibilities Monitor and analyze security events from SIEM platforms, IDS/IPS, firewalls, and other security tools. Perform detailed log analysis to identify indicators of compromise (IoCs) and suspicious activity. Utilize threat intelligence feeds to correlate, enrich, and prioritize alerts. Investigate escalated incidents from L1 SOC analysts, determine root cause, and recommend remediation. Conduct proactive threat hunting based on emerging threats and attacker tactics. Support incident response activities, including containment, eradication, and recovery. Maintain accurate documentation of incidents, investigations, and findings. Contribute to the continuous improvement of SOC processes and detection use cases. Collaborate with cross-functional security teams to strengthen the organization’s cyber defense posture. Key Skills & Requirements Technical Skills: Proficiency in Threat Intelligence analysis and application in SOC workflows. Expertise in Log Analysis and interpretation from multiple security devices and platforms. Experience with SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel). Familiarity with MITRE ATT&CK framework and common attacker techniques. Understanding of TCP/IP, network protocols, and cybersecurity fundamentals. Experience & Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). 
2–4 years of experience in a SOC environment, preferably as an L2 Analyst. Industry certifications such as CEH, GCIA, GCIH, Security+, CySA+ or equivalent are a plus. Soft Skills: Strong analytical and problem-solving skills. Ability to work effectively in a fast-paced, 24/7 SOC environment. Excellent communication and documentation skills. Job Types: Full-time, Permanent Pay: Up to ₹700,000.00 per year Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): What is your current CTC in INR? What is your current notice period? What is your current company name and location? How many years of experience as SOC Analyst L2? Experience: minimum: 4 years (Required) Work Location: In person
Posted 1 day ago
0 years
0 Lacs
Gurugram, Haryana, India
On-site
About noon noon, the region's leading consumer commerce platform. On December 12th, 2017, noon launched its consumer platform in Saudi Arabia and the UAE, expanding to Egypt in February 2019. The noon ecosystem of services now includes marketplaces for food delivery, quick-commerce, fintech, and fashion. noon is a work in progress; we’re six years in, but only 5% done. noon’s mission: every door, everyday. What we are looking for Noon’s Cybersecurity department, Security operations team is looking for a talented, experienced, and enthusiastic Senior Threat Detection Engineer to help build and scale the Detection & Threat Hunting program at Noon. The ideal candidate will be someone who has diverse security skill-set (IR, TI, SOC..) and specialized in detecting engineering and threat hunting. The focus area for this role will be on designing and implementing advanced detection mechanisms based on known/emerging attacks and pivoting techniques. The Sr. Threat Detection will be working on proactive approaches to advance steps ahead of attackers and help in building detection to identify advanced, current and emerging threats. He will be responsible for the design and implementation of security intelligence and detection capabilities across our applications and networks. This role will be assisting in building the strategy and the team for our Detection and Threat Hunting Program. He will be the focal point for the planning and execution of security investigation, response process and coordination of relevant parties when an information security incident occurs. In addition, documentation, analytical and critical thinking skills, investigation and forensics, and the ability to identify needs and take the initiative are key requirements of this position. 
About the role Help build and scale the Detection & Threat hunting Program at Noon Drive improvements in detection and response capabilities, and operations for the Internal SOC/TI Write detection signatures, tune security monitoring systems/ tools, develop automation scripts and correlation rules. Work closely with other Security Team members to strengthen our detection and defence mechanisms in regards to, Web applications, Cloud and Network. Exhibit knowledge of attacker lifecycle, TTPs, indicators of compromise (IOCs), and proactively implementing countermeasures to neutralize the threats. Identifies opportunities to enhance the development and implementation of new methods for detecting attacks and malicious activities. Participate as a member of the CSIRT during major incidents and lend contributions to post-Incident review and continuous improvement Proactive threat hunting of anomalies to identify IOCs and derive custom snort signatures for the IOCs Identifying and managing a wide range of intelligence sources to provide a holistic view of the threat landscape. (OSINT aggregation) Work closely with the Red Team and Blue Team to implement custom detection of new and emerging threats, and develop monitoring use cases. Coordinate in red teaming activities such as table-top and adversarial simulation exercises. Responsible for owning all confirmed incidents. This includes publishing Incident Report, documenting Lessons Learnt and updating Knowledge Base. Required Expertise: Required: Senior level experience in a threat intel, detection, IR, or similar cybersecurity roles for medium to large organizations. Required: Technical professional security certifications in Incident Response, Digital Forensics, Offensive Security, or Malware Analysis, such as GCIH, GCFA, GNFA, GCTI, OSCP or similar Bachelor’s degree in Computing, Information Technology, Engineering or a related field, with a strong security component. 
Hands-on experience in detection engineering, advanced cyber threat intelligence activities, intrusion detection, incident response, and security content development (e.g., signatures, rules, etc.) A broad and diverse security skill-set with an advanced understanding of modern network security technologies (e.g. Firewalls, Intrusion Detection/Prevention Systems, Access Control Lists, Network Segmentation, SIEMs, Auditing/Logging and Identity & Access Management solutions, DDoS protection etc.). Knowledge of at least one common scripting language (Python, Ruby, Go). Experience handling and building a SOAR such as Chronicle’s SOAR, Demisto, Phantom or similar tools. Experience conducting and leading incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Insider Threats .. etc. Understanding of log collection and aggregation techniques, Elastic Search, Logstash, Kibana (ELK), Syslog-NG, Windows Event Forwarding (WEF), etc. Experience with endpoint security agents (Carbon Black, Crowdstrike, etc.). Preferred Qualifications: Hands on experience with Chronicle SIEM/SOAR and Google SecOps Expertise in threat hunting in one or more public cloud solutions such as AWS and GCP Ability to work with a team or independently with minimal direction/leadership Hands-on experience in offensive/defensive web applications security is a big plus for this role. Highly motivated and self-directed with a passion for solving complex problems Establishes industry expertise through writing, speaking or online presence. Who will excel? We’re looking for people with high standards, who understand that hard work matters. You need to be relentlessly resourceful and operate with a deep bias for action. We need people with the courage to be fiercely original. noon is not for everyone; readiness to adapt, pivot, and learn is essential.
Posted 1 day ago
0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 86651 Date: Jul 31, 2025 Location: Delhi Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As a AM/DM in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities Proactively hunt for threats using SIEM, EDR, and other telemetry data (e.g., Splunk, Microsoft Sentinel, CrowdStrike, etc.). Perform advanced threat analysis and identify Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) based on frameworks like MITRE ATT&CK. Develop and fine-tune detection use cases, custom rules, and analytics to identify malicious behaviors. Collaborate with SOC, Threat Intelligence, IR, and Red Team teams to enhance detection capabilities. Analyze threat actor campaigns and exploit techniques to determine potential impact and mitigations. Perform root cause analysis of security incidents and recommend preventive measures. 
Prepare threat hunting reports and executive summaries for technical and non-technical stakeholders. Continuously improve the threat hunting process through automation and data enrichment. Stay updated on the latest cyber threats, vulnerabilities, and threat actor trends. Your role as AM We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s). 
Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. 
Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 1 day ago
70.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Job Description Cyber Defence Analyst About GKN Automotive GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. What you’ll do: The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities. This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation. As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business. Key responsibilities include: Serve between the Security Monitoring and Vulnerability Management teams. 
Act as a key responder to security incidents, driving investigation, containment, and recovery activities. Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation. Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools. Support scanning, reporting, and communication of vulnerability data to collaborators. Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK. Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies. Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences. Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows. Promote a unified approach to cyber defence, avoiding siloed operations. Support initiatives that strengthen the organisation’s overall cyber resilience. What you’ll need: Experience as L2 Analyst - at least 3 years. Demonstrable experience in information security, with a focus on security operations. Proven track record in stakeholder and partner/vendor management and collaboration across various groups. Experience handling incidents and supporting complex investigations. Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys). Confident in analysing logs from various sources such as endpoints, networks & cloud services. Ability to apply threat intelligence to enrich investigations. Good understanding of relevant threat actors, relevant frameworks and CVSS scoring. Ability to script or automate tasks. Familiarity with infrastructure, cloud, and application security principles. 
Able to write reports and tailor them to a mixture of collaborators. While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management. Experience with the following tooling: Sentinel, Defender Why you’ll love working here: Market-leading company with lots of potential Opportunity to take part in brand-new company projects Attractive salary and benefits at a stable and financially healthy company An organisation where you can commit to the long-term Working in the OneIT team with colleagues around the globe How to apply: Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com Deadline: The closing date will be July 25th GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders helps bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives, to spark originality, imagination and creativity in our teams around the world. 
GKN Automotive is an equal opportunity employer. We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process. Please contact us to request any such accommodation.
Posted 1 day ago